CompTIA Security + Ch 3

  1. Hardening
    Configuring an OS securely, updating it, creating rules and policies to keep the system secure. This also includes removing unnecessary applications and services.
  2. Service Pack (SP)
    A group of updates, bug fixes, updated drivers, and security fixes.
  3. Hotfix
    A single problem fix, usually to patch critical security holes in a program or third party software.
  4. Patch
    An update to a system. Usually a small fix, larger patches are referred to as software updates, or service packs.
  5. Patch Management
    The planning, testing, implementing, and auditing of patches.

    Planning- Decide if patch is necessary/compatible with other systems. Microsoft Basline Security Analyzer (MBSA) is a good program to use on the network to find security weaknesses.

    Testing- Testing of the patch/hotfix on a "test" machine or machines, is a great way of making sure that no problems occur after they are implemented.

    Implementing- If test is good, deploy the patch. This is done in the evening or over the weekend. Software such as Microsofts Systerms Management Server (SMS) or Windows Server Udate Services (WSUS).

    Auditing- After implemation, check to see if the patch/hotfix has taken hold, then check for any changes of failures due the patch/hotfix.
  6. Group Policy
    To govern user and computer accounts through a set of rules. Used in Microsoft environments.
  7. Security Template
    Groups of policies that can be loaded in one procedure.
  8. Baselining
    The process of measuring changes in networking, hardware, and software.
  9. Virtualization
    Is the creation of a virtual (rather than actual) version of something, such as a hardware platform, operating system, storage device, or network resources.
  10. Virtual Machine (VM)
    Created by virtual software, they are images of OS or individual applications.
  11. Hypervisor
    Virtual Machine software that allows multiple vitual OS (guest) to run at the same time on a single computer.

    Type 1: Native- Runs directly on the host computer's hardware. Ex. VMware ESX Server, and Microsoft Hyper-V.

    Type 2: Hosted- Runs within (or "on top of") the OS. Ex. MS Virtual PC, VMware Server, and VMware Workstation.
  12. Slipstreaming
    Enables the user to install the OS and the Service Pack (SP) at the same time.
Author
dundonj151
ID
154605
Card Set
CompTIA Security + Ch 3
Description
Security + Ch 3
Updated